认证支持同一类型多绑定
This commit is contained in:
gazebo
@@ -82,7 +82,7 @@ type IAuther interface {
|
|||||||
// 负责验证secret,并找到相应的用户返回(password,email,mobile类型的不负责用户查找)如果找不到用户UserID为空
|
// 负责验证secret,并找到相应的用户返回(password,email,mobile类型的不负责用户查找)如果找不到用户UserID为空
|
||||||
VerifySecret(authID, authSecret string) (authBindEx *AuthBindEx, err error)
|
VerifySecret(authID, authSecret string) (authBindEx *AuthBindEx, err error)
|
||||||
AddAuthBind(authBindEx *AuthBindEx, userName string) (err error)
|
AddAuthBind(authBindEx *AuthBindEx, userName string) (err error)
|
||||||
UnbindAuth(userID, authType, userName string) (err error)
|
UnbindAuth(userID, authType, authTypeID, userName string) (err error)
|
||||||
Logout(authInfo *AuthInfo) (err error)
|
Logout(authInfo *AuthInfo) (err error)
|
||||||
GetUserType() (userType int8)
|
GetUserType() (userType int8)
|
||||||
}
|
}
|
||||||
@@ -314,7 +314,7 @@ func AddAuthBind(user IUser, newAuthInfo *AuthInfo) (err error) {
|
|||||||
} else {
|
} else {
|
||||||
if handler := authers[newAuthInfo.AuthBindInfo.Type]; handler != nil {
|
if handler := authers[newAuthInfo.AuthBindInfo.Type]; handler != nil {
|
||||||
newAuthInfo.AuthBindInfo.UserID = user.GetID()
|
newAuthInfo.AuthBindInfo.UserID = user.GetID()
|
||||||
handler.UnbindAuth(user.GetID(), newAuthInfo.GetAuthType(), user.GetName())
|
handler.UnbindAuth(user.GetID(), newAuthInfo.GetAuthType(), newAuthInfo.GetAuthTypeID(), user.GetName())
|
||||||
err = handler.AddAuthBind(newAuthInfo.AuthBindInfo, user.GetName())
|
err = handler.AddAuthBind(newAuthInfo.AuthBindInfo, user.GetName())
|
||||||
} else {
|
} else {
|
||||||
err = ErrIllegalAuthType
|
err = ErrIllegalAuthType
|
||||||
@@ -323,10 +323,10 @@ func AddAuthBind(user IUser, newAuthInfo *AuthInfo) (err error) {
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func UnbindAuth(userID, authType, userName string) (err error) {
|
func UnbindAuth(userID, authType, authTypeID, userName string) (err error) {
|
||||||
globals.SugarLogger.Debugf("UnbindAuth userID:%s, authType:%s, userName:%s", userID, authType, userName)
|
globals.SugarLogger.Debugf("UnbindAuth userID:%s, authType:%s, authTypeID:%s, userName:%s", userID, authType, authTypeID, userName)
|
||||||
if handler := authers[authType]; handler != nil {
|
if handler := authers[authType]; handler != nil {
|
||||||
err = handler.UnbindAuth(userID, authType, userName)
|
err = handler.UnbindAuth(userID, authType, authTypeID, userName)
|
||||||
} else {
|
} else {
|
||||||
err = ErrIllegalAuthType
|
err = ErrIllegalAuthType
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -13,12 +13,12 @@ const (
|
|||||||
)
|
)
|
||||||
|
|
||||||
type UserBasic struct {
|
type UserBasic struct {
|
||||||
UserID string `json:"userID"`
|
UserID string `json:"userID"`
|
||||||
UserID2 string `json:"userID2"`
|
UserID2 string `json:"userID2"`
|
||||||
Mobile string `json:"mobile"`
|
Mobile string `json:"mobile"`
|
||||||
Email string `json:"email"`
|
Email string `json:"email"`
|
||||||
Name string `json:"name"`
|
Name string `json:"name"`
|
||||||
Avatar string `json:"avatar"`
|
Avatar string `json:"avatar"`
|
||||||
}
|
}
|
||||||
|
|
||||||
func (u *UserBasic) GetID() string {
|
func (u *UserBasic) GetID() string {
|
||||||
@@ -83,6 +83,10 @@ func (a *AuthInfo) GetAuthType() string {
|
|||||||
return a.AuthBindInfo.Type
|
return a.AuthBindInfo.Type
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (a *AuthInfo) GetAuthTypeID() string {
|
||||||
|
return a.AuthBindInfo.TypeID
|
||||||
|
}
|
||||||
|
|
||||||
func (a *AuthInfo) GetUserTag() string {
|
func (a *AuthInfo) GetUserTag() string {
|
||||||
userTag := a.GetID2()
|
userTag := a.GetID2()
|
||||||
if userTag == "" {
|
if userTag == "" {
|
||||||
|
|||||||
@@ -31,7 +31,7 @@ func (a *Auther) VerifySecret(dummy, code string) (authBindEx *auth2.AuthBindEx,
|
|||||||
if err == nil {
|
if err == nil {
|
||||||
userInfo, err2 := api.AliPayAPI.UserInfoShare(tokenInfo.AccessToken)
|
userInfo, err2 := api.AliPayAPI.UserInfoShare(tokenInfo.AccessToken)
|
||||||
if err = err2; err == nil {
|
if err = err2; err == nil {
|
||||||
if authBindEx, err = a.UnionFindAuthBind(AuthType, nil, userInfo.UserID, "", userInfo); err == nil {
|
if authBindEx, err = a.UnionFindAuthBind(AuthType, api.AliPayAPI.GetAppID(), nil, userInfo.UserID, "", userInfo); err == nil {
|
||||||
authBindEx.UserHint = &auth2.UserBasic{
|
authBindEx.UserHint = &auth2.UserBasic{
|
||||||
Name: userInfo.NickName,
|
Name: userInfo.NickName,
|
||||||
Avatar: userInfo.Avatar,
|
Avatar: userInfo.Avatar,
|
||||||
|
|||||||
@@ -35,13 +35,17 @@ func (a *DefAuther) AddAuthBind(authBindEx *auth2.AuthBindEx, userName string) (
|
|||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
func (a *DefAuther) UnbindAuth(userID, authType, userName string) (err error) {
|
func (a *DefAuther) UnbindAuth(userID, authType, authTypeID, userName string) (err error) {
|
||||||
globals.SugarLogger.Debugf("DefAuther.UnbindAuth userID:%s, authType:%s, userName:%s", userID, authType, userName)
|
globals.SugarLogger.Debugf("DefAuther.UnbindAuth userID:%s, authType:%s, GetAuthTypeID:%s, userName:%s", userID, authType, authTypeID, userName)
|
||||||
_, err = dao.DeleteEntityLogically(nil, &model.AuthBind{}, nil, userName, map[string]interface{}{
|
condition := map[string]interface{}{
|
||||||
"UserID": userID,
|
"UserID": userID,
|
||||||
"Type": authType,
|
"Type": authType,
|
||||||
model.FieldDeletedAt: utils.DefaultTimeValue,
|
model.FieldDeletedAt: utils.DefaultTimeValue,
|
||||||
})
|
}
|
||||||
|
if authTypeID != "" {
|
||||||
|
condition["TypeID"] = authTypeID
|
||||||
|
}
|
||||||
|
_, err = dao.DeleteEntityLogically(dao.GetDB(), &model.AuthBind{}, nil, userName, condition)
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|
||||||
@@ -59,9 +63,9 @@ func (a *DefAuther) GetUserType() (userType int8) {
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 此函数用于联合(通过unionID)查找用户
|
// 此函数用于联合(通过unionID)查找用户
|
||||||
func (a *DefAuther) UnionFindAuthBind(curAuthType string, unionAuthTypeList []string, openID, unionID string, authDetail interface{}) (authBindEx *auth2.AuthBindEx, err error) {
|
func (a *DefAuther) UnionFindAuthBind(curAuthType, curAuthTypeID string, unionAuthTypeList []string, openID, unionID string, authDetail interface{}) (authBindEx *auth2.AuthBindEx, err error) {
|
||||||
globals.SugarLogger.Debugf("UnionFindAuthBind curAuthType:%s, unionAuthTypeList:%v, openID:%s, unionID:%s, authDetail:%s",
|
globals.SugarLogger.Debugf("UnionFindAuthBind curAuthType:%s, curAuthTypeID:%s, unionAuthTypeList:%v, openID:%s, unionID:%s, authDetail:%s",
|
||||||
curAuthType, unionAuthTypeList, openID, unionID, utils.Format4Output(authDetail, true))
|
curAuthType, curAuthTypeID, unionAuthTypeList, openID, unionID, utils.Format4Output(authDetail, true))
|
||||||
db := dao.GetDB()
|
db := dao.GetDB()
|
||||||
var authBind *model.AuthBind
|
var authBind *model.AuthBind
|
||||||
if authBind, err = dao.GetAuthBind(db, model.AuthBindTypeAuth, curAuthType, openID); err == nil { // 直接找到了
|
if authBind, err = dao.GetAuthBind(db, model.AuthBindTypeAuth, curAuthType, openID); err == nil { // 直接找到了
|
||||||
@@ -77,6 +81,7 @@ func (a *DefAuther) UnionFindAuthBind(curAuthType string, unionAuthTypeList []st
|
|||||||
if authBindList, err = dao.GetUserBindAuthInfo(db, "", model.AuthBindTypeAuth, unionAuthTypeList, "", unionID); err == nil && len(authBindList) > 0 { // 通过unionID找到至少一个认证方式
|
if authBindList, err = dao.GetUserBindAuthInfo(db, "", model.AuthBindTypeAuth, unionAuthTypeList, "", unionID); err == nil && len(authBindList) > 0 { // 通过unionID找到至少一个认证方式
|
||||||
authBind = authBindList[0]
|
authBind = authBindList[0]
|
||||||
authBind.Type = curAuthType
|
authBind.Type = curAuthType
|
||||||
|
authBind.TypeID = curAuthTypeID
|
||||||
authBind.AuthID = openID
|
authBind.AuthID = openID
|
||||||
if authDetail != nil {
|
if authDetail != nil {
|
||||||
authBind.DetailData = string(utils.MustMarshal(authDetail))
|
authBind.DetailData = string(utils.MustMarshal(authDetail))
|
||||||
@@ -84,7 +89,7 @@ func (a *DefAuther) UnionFindAuthBind(curAuthType string, unionAuthTypeList []st
|
|||||||
authBindEx = &auth2.AuthBindEx{
|
authBindEx = &auth2.AuthBindEx{
|
||||||
AuthBind: *authBind,
|
AuthBind: *authBind,
|
||||||
}
|
}
|
||||||
a.UnbindAuth(authBind.UserID, curAuthType, model.AdminName)
|
a.UnbindAuth(authBind.UserID, curAuthType, curAuthTypeID, model.AdminName)
|
||||||
err = a.AddAuthBind(authBindEx, model.AdminName) // 自动绑定
|
err = a.AddAuthBind(authBindEx, model.AdminName) // 自动绑定
|
||||||
} else if dao.IsNoRowsError(err) {
|
} else if dao.IsNoRowsError(err) {
|
||||||
err = nil
|
err = nil
|
||||||
@@ -97,6 +102,7 @@ func (a *DefAuther) UnionFindAuthBind(curAuthType string, unionAuthTypeList []st
|
|||||||
authBindEx = &auth2.AuthBindEx{
|
authBindEx = &auth2.AuthBindEx{
|
||||||
AuthBind: model.AuthBind{
|
AuthBind: model.AuthBind{
|
||||||
Type: curAuthType,
|
Type: curAuthType,
|
||||||
|
TypeID: curAuthTypeID,
|
||||||
AuthID: openID,
|
AuthID: openID,
|
||||||
AuthID2: unionID,
|
AuthID2: unionID,
|
||||||
},
|
},
|
||||||
|
|||||||
@@ -27,7 +27,7 @@ func (a *QRCodeAuther) VerifySecret(dummy, code string) (authBindEx *auth2.AuthB
|
|||||||
userQRInfo, err := api.DingDingQRCodeAPI.GetUserInfoByCode(code)
|
userQRInfo, err := api.DingDingQRCodeAPI.GetUserInfoByCode(code)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
globals.SugarLogger.Debugf("dingding qrcode VerifySecret code:%s, userQRInfo:%s", code, utils.Format4Output(userQRInfo, false))
|
globals.SugarLogger.Debugf("dingding qrcode VerifySecret code:%s, userQRInfo:%s", code, utils.Format4Output(userQRInfo, false))
|
||||||
if authBindEx, err = a.UnionFindAuthBind(AuthTypeQRCode, []string{AuthTypeStaff, AuthTypeQRCode}, userQRInfo.OpenID, userQRInfo.UnionID, userQRInfo); err == nil {
|
if authBindEx, err = a.UnionFindAuthBind(AuthTypeQRCode, api.DingDingQRCodeAPI.GetAppID(), []string{AuthTypeStaff, AuthTypeQRCode}, userQRInfo.OpenID, userQRInfo.UnionID, userQRInfo); err == nil {
|
||||||
authBindEx.UserHint = &auth2.UserBasic{
|
authBindEx.UserHint = &auth2.UserBasic{
|
||||||
Name: userQRInfo.Nickname,
|
Name: userQRInfo.Nickname,
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -29,7 +29,7 @@ func (a *StaffAuther) VerifySecret(dummy, code string) (authBindEx *auth2.AuthBi
|
|||||||
if err == nil {
|
if err == nil {
|
||||||
userDetail, err2 := api.DingDingAPI.GetUserDetail(userID.UserID)
|
userDetail, err2 := api.DingDingAPI.GetUserDetail(userID.UserID)
|
||||||
if err = err2; err == nil {
|
if err = err2; err == nil {
|
||||||
if authBindEx, err = a.UnionFindAuthBind(AuthTypeStaff, []string{AuthTypeStaff, AuthTypeQRCode}, userID.UserID, utils.Interface2String(userDetail["unionid"]), userDetail); err == nil {
|
if authBindEx, err = a.UnionFindAuthBind(AuthTypeStaff, api.DingDingQRCodeAPI.GetAppID(), []string{AuthTypeStaff, AuthTypeQRCode}, userID.UserID, utils.Interface2String(userDetail["unionid"]), userDetail); err == nil {
|
||||||
authBindEx.UserHint = &auth2.UserBasic{
|
authBindEx.UserHint = &auth2.UserBasic{
|
||||||
UserID2: userID.UserID,
|
UserID2: userID.UserID,
|
||||||
Mobile: utils.Interface2String(userDetail["mobile"]),
|
Mobile: utils.Interface2String(userDetail["mobile"]),
|
||||||
|
|||||||
@@ -85,6 +85,6 @@ func (a *Auther) AddAuthBind(authBindEx *auth2.AuthBindEx, userName string) (err
|
|||||||
}
|
}
|
||||||
|
|
||||||
// 此函数为空
|
// 此函数为空
|
||||||
func (a *Auther) UnbindAuth(userID, authType, userName string) (err error) {
|
func (a *Auther) UnbindAuth(userID, authType, authTypeID, userName string) (err error) {
|
||||||
return err
|
return err
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -71,7 +71,7 @@ func (a *Auther) VerifySecret(id, secret string) (authBindEx *auth2.AuthBindEx,
|
|||||||
if err == nil {
|
if err == nil {
|
||||||
wxUserinfo, err2 := a.getAPI().SNSGetUserInfo(accessToken, openID)
|
wxUserinfo, err2 := a.getAPI().SNSGetUserInfo(accessToken, openID)
|
||||||
if err = err2; err == nil {
|
if err = err2; err == nil {
|
||||||
if authBindEx, err = a.UnionFindAuthBind(a.authType, []string{AuthTypeWeixin, AuthTypeMP, AuthTypeMini, AuthTypeWXNative}, wxUserinfo.OpenID, wxUserinfo.UnionID, wxUserinfo); err == nil {
|
if authBindEx, err = a.UnionFindAuthBind(a.authType, a.getAPI().GetAppID(), []string{AuthTypeWeixin, AuthTypeMP, AuthTypeMini, AuthTypeWXNative}, wxUserinfo.OpenID, wxUserinfo.UnionID, wxUserinfo); err == nil {
|
||||||
authBindEx.UserHint = &auth2.UserBasic{
|
authBindEx.UserHint = &auth2.UserBasic{
|
||||||
Name: wxUserinfo.NickName,
|
Name: wxUserinfo.NickName,
|
||||||
Avatar: wxUserinfo.HeadImgURL,
|
Avatar: wxUserinfo.HeadImgURL,
|
||||||
|
|||||||
@@ -42,7 +42,7 @@ func (a *MiniAuther) VerifySecret(dummy, jsCode string) (authBindEx *auth2.AuthB
|
|||||||
if err == nil {
|
if err == nil {
|
||||||
sessionKey := sessionInfo.SessionKey
|
sessionKey := sessionInfo.SessionKey
|
||||||
sessionInfo.SessionKey = ""
|
sessionInfo.SessionKey = ""
|
||||||
if authBindEx, err = a.UnionFindAuthBind(AuthTypeMini, []string{AuthTypeWeixin, AuthTypeMP, AuthTypeMini, AuthTypeWXNative}, sessionInfo.OpenID, sessionInfo.UnionID, sessionInfo); err == nil {
|
if authBindEx, err = a.UnionFindAuthBind(AuthTypeMini, getWxApp(appID).GetAppID(), []string{AuthTypeWeixin, AuthTypeMP, AuthTypeMini, AuthTypeWXNative}, sessionInfo.OpenID, sessionInfo.UnionID, sessionInfo); err == nil {
|
||||||
authBindEx.UserData = sessionKey
|
authBindEx.UserData = sessionKey
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
@@ -57,7 +57,7 @@ func (a *MiniAuther) DecryptData(authInfo *auth2.AuthInfo, jsCode, encryptedData
|
|||||||
if jsCode != "" {
|
if jsCode != "" {
|
||||||
sessionInfo, err := getWxApp(appID).SNSCode2Session(jsCode)
|
sessionInfo, err := getWxApp(appID).SNSCode2Session(jsCode)
|
||||||
if err == nil {
|
if err == nil {
|
||||||
if authBindEx, err := a.UnionFindAuthBind(AuthTypeMini, []string{AuthTypeMini}, sessionInfo.OpenID, "", nil); err == nil {
|
if authBindEx, err := a.UnionFindAuthBind(AuthTypeMini, getWxApp(appID).GetAppID(), []string{AuthTypeMini}, sessionInfo.OpenID, "", nil); err == nil {
|
||||||
if authBindEx.UserID != authInfo.GetID() {
|
if authBindEx.UserID != authInfo.GetID() {
|
||||||
return "", fmt.Errorf("jsCode与token不匹配")
|
return "", fmt.Errorf("jsCode与token不匹配")
|
||||||
}
|
}
|
||||||
|
|||||||
@@ -20,6 +20,7 @@ type AuthBind struct {
|
|||||||
BindType int8 `json:"bindType"`
|
BindType int8 `json:"bindType"`
|
||||||
Type string `orm:"size(16)" json:"type"`
|
Type string `orm:"size(16)" json:"type"`
|
||||||
|
|
||||||
|
TypeID string `orm:"size(32);column(type_id)" json:"typeID"`
|
||||||
UserID string `orm:"size(48);column(user_id);index" json:"userID"`
|
UserID string `orm:"size(48);column(user_id);index" json:"userID"`
|
||||||
Status int8 `json:"status"`
|
Status int8 `json:"status"`
|
||||||
AuthID2 string `orm:"size(48);column(auth_id2);index" json:"authID2"`
|
AuthID2 string `orm:"size(48);column(auth_id2);index" json:"authID2"`
|
||||||
|
|||||||
@@ -275,6 +275,7 @@ func (c *Auth2Controller) AddAuthBind() {
|
|||||||
// @Description 删除认证方式
|
// @Description 删除认证方式
|
||||||
// @Param token header string true "认证token"
|
// @Param token header string true "认证token"
|
||||||
// @Param authType query string true "登录类型,参见Login的描述"
|
// @Param authType query string true "登录类型,参见Login的描述"
|
||||||
|
// @Param authTypeID query string false "登录类型标识"
|
||||||
// @Success 200 {object} controllers.CallResult
|
// @Success 200 {object} controllers.CallResult
|
||||||
// @Failure 200 {object} controllers.CallResult
|
// @Failure 200 {object} controllers.CallResult
|
||||||
// @router /RemoveAuthBind [delete]
|
// @router /RemoveAuthBind [delete]
|
||||||
@@ -282,7 +283,7 @@ func (c *Auth2Controller) RemoveAuthBind() {
|
|||||||
c.callRemoveAuthBind(func(params *tAuth2RemoveAuthBindParams) (retVal interface{}, errCode string, err error) {
|
c.callRemoveAuthBind(func(params *tAuth2RemoveAuthBindParams) (retVal interface{}, errCode string, err error) {
|
||||||
authInfo, err2 := params.Ctx.GetV2AuthInfo()
|
authInfo, err2 := params.Ctx.GetV2AuthInfo()
|
||||||
if err = err2; err == nil {
|
if err = err2; err == nil {
|
||||||
err = auth2.UnbindAuth(authInfo.GetID(), params.AuthType, params.Ctx.GetUserName())
|
err = auth2.UnbindAuth(authInfo.GetID(), params.AuthType, params.AuthTypeID, params.Ctx.GetUserName())
|
||||||
}
|
}
|
||||||
return retVal, "", err
|
return retVal, "", err
|
||||||
})
|
})
|
||||||
|
|||||||
Reference in New Issue
Block a user